#!/bin/bash
echo In PostInst - $@

# NOTE: Any changes in this file have to be compatible for both DEB and RPM distros 
# as it is used in both installers. Use conditionals where necessary.

GetDistroInstaller()
{
    local __resultvar=$1

    /usr/bin/dpkg --search /usr/bin/dpkg >/dev/null 2>&1
    if [ $? = 0 ]; then
        eval $__resultvar="DEB"
    else
        /usr/bin/rpm -q -f /usr/bin/rpm >/dev/null 2>&1
        if [ $? = 0 ]; then
            eval $__resultvar="RPM"
        else
            eval $__resultvar="UNKNOWN"
        fi
    fi
}

FabricHostServicePath=/etc/systemd/system/servicefabric.service
UpdaterServicePath=/etc/systemd/system/servicefabricupdater.service

GetDistroInstaller DISTROINSTALLER

awk -F/ '$2 == "docker"' /proc/self/cgroup | read
if [ $? == 0 ]; then
    echo "Running in container"
    RunningInContainer="true"
else
    RunningInContainer="false"
fi

echo Creating sfuser
groupadd -r sfuser >/dev/null 2>&1
id -u sfuser >/dev/null 2>&1
if [ $? != 0 ]; then
    useradd -r -M sfuser -g sfuser
    if [ $? != 0 ]; then
        echo "Error: Failed to create sfuser"
        exit 1
    fi
fi

echo Creating sfappsuser
id -u sfappsuser >/dev/null 2>&1
if [ $? != 0 ]; then
    useradd -r -M sfappsuser -g sfuser
    if [ $? != 0 ]; then
        echo "Error: Failed to create sfappsuser"
        exit 1
    fi
fi

sfgrp_exists=false
getent group ServiceFabricAllowedUsers >/dev/null 2>&1 && sfgrp_exists=true
if $sfgrp_exists; then
   echo "ServiceFabricAllowedUsers exists..."
else
   groupadd -r ServiceFabricAllowedUsers
   groupadd -r ServiceFabricAdministrators
fi
usermod -a -G ServiceFabricAllowedUsers sfuser
usermod -a -G ServiceFabricAllowedUsers sfappsuser

echo "Enabling password authentication for FileStoreService accounts"
MatchStatement='Match User P_FSSUserffffffff,S_FSSUserffffffff'
PasswordAuth='PasswordAuthentication yes'
SshdConfigFile="/etc/ssh/sshd_config"

if ! grep -q "$MatchStatement" $SshdConfigFile; then
    echo                           >> $SshdConfigFile
    echo "#ServiceFabric Settings" >> $SshdConfigFile
    echo $MatchStatement           >> $SshdConfigFile
    echo $PasswordAuth             >> $SshdConfigFile
    echo                           >> $SshdConfigFile
	
	# reload sshd to reload config
    systemctl reload sshd
fi

echo Setting up Fabric environment
echo FabricHostServicePath = ${FabricHostServicePath}
echo UpdaterServicePath = ${UpdaterServicePath}

if [ ! -d /etc/servicefabric ]; then
    mkdir /etc/servicefabric
fi

echo -n ${FabricHostServicePath} > /etc/servicefabric/FabricHostServicePath
echo -n ${UpdaterServicePath} > /etc/servicefabric/UpdaterServicePath

echo "Copying servicefabric.service file to systemd"
cp -f --preserve usr/share/servicefabric/scripts/servicefabric.service ${FabricHostServicePath}
if [ $? != 0 ]; then
    echo Error: Failed to copy servicefabric.service file to systemd folder
    exit 1
fi

echo "Copying servicefabricupdater.service file to systemd"
cp -f --preserve usr/share/servicefabric/scripts/servicefabricupdater.service ${UpdaterServicePath}
if [ $? != 0 ]; then
    echo Error: Failed to copy servicefabricupdater.service file to systemd folder
    exit 1
fi

echo "Setting sfuser as owner of Fabric services"
chown sfuser:sfuser ${FabricHostServicePath}
if [ $? != 0 ]; then
    echo Error: Failed to set sfuser as owner of ${FabricHostServicePath}
    exit 1
fi

chown sfuser:sfuser ${UpdaterServicePath}
if [ $? != 0 ]; then
    echo Error: Failed to set sfuser as owner of ${UpdaterServicePath}
    exit 1
fi

echo "Setting sfuser as owner of FabricBinRoot"
chown -R sfuser:sfuser /opt/microsoft/servicefabric/bin/
if [ $? != 0 ]; then
    echo Error: Failed to set sfuser as owner of fabric bin root
    exit 1
fi


echo "Validate and fix any system service log files"

# First determine if the node has the acl or not
aclSet=-f:
for i in `lsblk -l | cut -d' ' -f1 |grep -v NAME`
do 
    getfacl  /dev/${i} | grep sfuser
    if [ $? -eq 0 ]
    then
        aclSet=-b:
    fi    
done

# List of logs that need to be validated
for list in sysshared.log cmshared.log nsshared.log fsshared.log fmshared.log rmshared.log UpgradeServiceStore
do    
    for i in `sudo find /mnt -name ${list}`
    do
        echo ${i} ${aclSet}
        sudo LD_LIBRARY_PATH=/opt/microsoft/servicefabric/bin/Fabric/Fabric.Code/ /opt/microsoft/servicefabric/bin/Fabric/Fabric.Code/CheckLinuxLog.exe -l:${i} ${aclSet} -r:
        if [ $? -eq 0 ]
        then
            chown sfuser:sfuser ${i}
            if [ $? != 0 ]; then
                echo Error: Failed to set sfuser as owner of log file
                exit 1
            fi
	else	    
	    echo "Error: Validate and fix system log failed, returning error"
	    exit 1
	fi
    done
done

# Other system service staging logs
for i in `sudo find /mnt -name *.stlog | grep __FabricSystem_App4294967295`
do
    echo ${i} ${aclSet}
    sudo LD_LIBRARY_PATH=/opt/microsoft/servicefabric/bin/Fabric/Fabric.Code/ /opt/microsoft/servicefabric/bin/Fabric/Fabric.Code/CheckLinuxLog.exe -l:${i} ${aclSet} -r:
    if [ $? -eq 0 ]
    then
        chown sfuser:sfuser ${i}
        if [ $? != 0 ]; then
            echo Error: Failed to set sfuser as owner of log file
            exit 1
        fi
    else	    
        echo "Error: Validate and fix system log failed, returning error. Are you out of disk space ???"
        exit 1
    fi
done



# set up and start atop
if [ -f /usr/bin/atop ]; then
    AtopConfigPath=
    if [ $DISTROINSTALLER = "DEB" ]; then
        AtopConfigPath=/etc/default/atop
    elif [ $DISTROINSTALLER = "RPM" ]; then
        AtopConfigPath=/etc/sysconfig/atop
    fi

    sed -i "s/INTERVAL=.*$/INTERVAL=10/" ${AtopConfigPath}
    if [ $? != 0 ]; then
        echo Could not write atop config at ${AtopConfigPath}
    fi

    # restart instead of start in case atop is already running
    systemctl restart atop.service
    if [ $? != 0 ]; then
        "echo Error: Failed to restart atop.service"
        if [ "$RunningInContainer" == "true" ]; then
            echo "Ignoring systemctl access due to running in container environment."
        else
            exit 1
        fi
    fi
else
    echo "atop not installed, so not configured."
fi

exit 0

